Host Based Intrusion Detection for VANETs: A statistical approach to Rogue Node Detection

In this paper, an intrusion detection system (IDS) for vehicular ad hoc networks (VANETs) is proposed and evaluated. The IDS is evaluated by simulation in the presence of rogue nodes (RNs) that can launch different attacks. The proposed IDS is capable of detecting a false information attack using statistical techniques effectively and can also detect other types of attacks. First, the theory and implementation of the VANET model that is used to train the IDS is discussed. Then, an extensive simulation and analysis of our model under different traffic conditions is conducted to identify the effects of these parameters in VANETs. In addition, the extensive data gathered in the simulations are presented using graphical and statistical techniques. Moreover, RNs are introduced in the network, and an algorithm is presented to detect these RNs. Finally, we evaluate our system and observe that the proposed application-layer IDS based on a cooperative information exchange mechanism is better for dynamic and fast-moving networks such as VANETs, as compared with other techniques available

Nuevas herramientas de seguridad cooperativa para redes Ad-Hoc vehiculares

La seguridad vial es un tema de interés general. Pese al éxito de las medidas aplicadas hasta el momento, las cifras de siniestralidad vial en la Unión Europea siguen siendo inaceptables. Si a la fundamental cuestión de los accidentes se le suman los atascos, la conclusión es que las carreteras conllevan una compleja problemática que requiere una solución urgente tanto por las consecuencias en las pérdidas de vidas, como por su negativo efecto en la economía y en el medioambiente. No es raro pues que el problema sea objeto de creciente atención, y que exista un Programa de Acción Europeo de Seguridad Vial que se centra en: mentalizar a los usuarios para que tengan un comportamiento más responsable (mayor cumplimiento de la normativa y menor tolerancia ante los comportamientos peligrosos), aumentar la seguridad de los vehículos mediante el apoyo a los avances técnicos y mejorar las infraestructuras viales gracias a las Tecnologías de la Información y la Comunicación. Como propuesta para este último objetivo, surgen las redes ad-hoc vehiculares o VANETs (Vehicular Ad-hoc NETworks), en las que los vehículos se comunican entre sí para prevenir y/o evitar circunstancias adversas en las carreteras y lograr una gestión más eficiente del tráfico. Para que este tipo de redes llegue a convertirse en una tecnología real que garantice la seguridad pública en las carreteras, son necesarias diversas herramientas de seguridad de las comunicaciones que las protejan de los posibles tipos de ataques, entre los que destacan: ataques a la red que pongan en peligro su conectividad, ataques a la privacidad y anonimato de los usuarios, y ataques al contenido de la información que modifiquen su contenido. El propósito fundamental de la presente memoria es la propuesta de nuevas herramientas que permitan proteger las VANETs frente a dichos ataques, asegurando en la medida de lo posible que la información generada en ellas, así como su retransmisión se realice correctamente. Como resultado principal de esta investigación, y en colaboración con otras investigaciones, destaca VAiPho (VANET in Phones), que es una herramienta para la asistencia a la conducción que permite crear una red ad-hoc vehicular real y segura, utilizando únicamente teléfonos móviles inteligentes. En su estado actual, VAiPho hace factible el despliegue de las VANETs principalmente en entornos urbanos y con aplicación en detección de atascos y plazas de aparcamiento libres y de vehículo aparcado. Dicha herramienta es el origen de una patente de la Universidad de La Laguna ya licenciada a una empresa. Esta Tesis incluye un análisis de diversos mecanismos de seguridad necesarios para desplegar una VANET confiable y funcional en la que los nodos sean totalmente autónomos e independientes, proponiéndose una serie de nuevos protocolos, algunos de los cuales hacen uso de soluciones basadas en Criptografía. La primera parte de esta memoria presenta un estudio de diferentes técnicas de fomento de la cooperación para animar a los usuarios a participar en las funcionalidades básicas de la red como por ejemplo la retransmisión de paquetes de información, ya sea de valor añadido o de seguridad vial. Nuestro principal objetivo en esta parte es que los nodos sean capaces de desplegar la VANET con un alto nivel de productividad, permitiendo el intercambio de información sobre los eventos que surgen en la carretera, e incrementando el alcance del rango de cobertura de los nodos dentro de la red. En concreto se presentan diferentes estrategias para motivar a los nodos a participar en la retransmisión correcta de paquetes, además de para asegurar una mayor disponibilidad y calidad de la red. En la segunda parte del documento se discute la necesidad de proteger el contenido de la información retransmitida en la VANET mediante técnicas de agregación de datos. Cuando los nodos reciben un paquete no son capaces de determinar si el nodo que lo generó tenía buena o mala intención, por lo que no les resulta fácil descubrir si la información que contiene es fiable o no. Por tanto, un protocolo que garantice la veracidad de la información sin suponer un retardo importante es esencial para poder desplegar y asegurar el funcionamiento de este tipo de redes. En este trabajo se propone la verificación probabilística para mejorar la eficiencia del proceso. Además, con el objetivo de disminuir el tiempo necesario para generar la información, se utiliza una estructura de grupo que permite manejar de forma eficaz los paquetes agregados generados. Finalmente se presenta la implementación de algunos de los mecanismos pro\-pues\-tos en teléfonos móviles inteligentes. Los resultados obtenidos en entornos reales son usados para perfeccionar simulaciones NS-2 a gran escala, proporcionando una visión de los protocolos de seguridad que mejor se adaptan a las características de las VANETs. Además dicha implementación ofrece la posibilidad de desplegar una VANET real y segura de manera rápida y económic

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Detecting Rogue Nodes In Vehicular Ad-hoc Networks (DETER)

Vehicular ad hoc Networks (VANETs) are self-organizing networks of vehicles equipped with radios and processors. VANETs are very promising as they can make driving safer by improving road awareness through sharing of information from sensors. Vehicles communicate with each other wirelessly to exchange information and this exchange of information is susceptible to attacks of different kinds. There are some very important issues that need to be resolved before VANETs can be deployed on large scale. Security and privacy issues are undoubtedly the most important factors that need to be resolved. Amongst various problems to be solved in VANETs is the issue of rogue nodes and their impact on the network. This thesis discusses the problems associated with the security and privacy of vehicular networks in the presence of rogue nodes. The rogue nodes can share / inject false data in the network which can cause serious harm. The techniques proposed make VANETs secure and prevent them from the harmful impact of rogue nodes. The proposed work makes the network safer by making it fault tolerant and resilient in the presence of rogue nodes that can be detected and reported. As VANETs are highly dynamic and fast moving so, a data centric scheme is proposed that can determine if a node is rogue or not just by analysing its data. The work then enhances the developed mechanism by applying hypothesis testing and other statistical techniques to detect intrusions in the network by rogue nodes. The technique is simulated using OMNET++, SUMO and VACAMobil and the results obtained have been presented, discussed and compared to previous works. In order to prevent rogue nodes from becoming part of the VANETs this thesis also presents a novel framework for managing the digital identity in the vehicular networks. This framework authenticates the user and the vehicle separately from two authorities and allows him to communicate securely with the infrastructure using IBE (Identity Based Encryption). The proposed technique also preserves the privacy of the user. The proposed scheme allows traceability and revocation so that users can be held accountable and penalised. The results have been compared to previous works of similar nature. The thesis also discusses the Sybil attack and how to detect them using game theory in a VANET environment

Enhancing service quality and reliability in intelligent traffic system

Intelligent Traffic Systems (ITS) can manage on-road traffic efficiently based on real-time traffic conditions, reduce delay at the intersections, and maintain the safety of the road users. However, emergency vehicles still struggle to meet their targeted response time, and an ITS is vulnerable to various types of attacks, including cyberattacks. To address these issues, in this dissertation, we introduce three techniques that enhance the service quality and reliability of an ITS. First, an innovative Emergency Vehicle Priority System (EVPS) is presented to assist an Emergency Vehicle (EV) in attending the incident place faster. Our proposed EVPS determines the proper priority codes of EV based on the type of incidents. After priority code generation, EVPS selects the number of traffic signals needed to be turned green considering the impact on other vehicles gathered in the relevant adjacent cells. Second, for improving reliability, an Intrusion Detection System for traffic signals is proposed for the first time, which leverages traffic and signal characteristics such as the flow rate, vehicle speed, and signal phase time. Shannon’s entropy is used to calculate the uncertainty associated with the likelihood of particular evidence and Dempster-Shafer (DS) decision theory is used to fuse the evidential information. Finally, to improve the reliability of a future ITS, we introduce a model that assesses the trust level of four major On-Board Units (OBU) of a self-driving car along with Global Positioning System (GPS) data and safety messages. Both subjective logic (DS theory) and CertainLogic are used to develop the theoretical underpinning for estimating the trust value of a self-driving car by fusing the trust value of four OBU components, GPS data and safety messages. For evaluation and validation purposes, a popular and widely used traffic simulation package, namely Simulation of Urban Mobility (SUMO), is used to develop the simulation platform using a real map of Melbourne CBD. The relevant historical real data taken from the VicRoads website were used to inject the traffic flow and density in the simulation model. We evaluated the performance of our proposed techniques considering different traffic and signal characteristics such as occupancy rate, flow rate, phase time, and vehicle speed under many realistic scenarios. The simulation result shows the potential efficacy of our proposed techniques for all selected scenarios.Doctor of Philosoph

From MANET to people-centric networking: Milestones and open research challenges

In this paper, we discuss the state of the art of (mobile) multi-hop ad hoc networking with the aim to present the current status of the research activities and identify the consolidated research areas, with limited research opportunities, and the hot and emerging research areas for which further research is required. We start by briefly discussing the MANET paradigm, and why the research on MANET protocols is now a cold research topic. Then we analyze the active research areas. Specifically, after discussing the wireless-network technologies, we analyze four successful ad hoc networking paradigms, mesh networks, opportunistic networks, vehicular networks, and sensor networks that emerged from the MANET world. We also present an emerging research direction in the multi-hop ad hoc networking field: people centric networking, triggered by the increasing penetration of the smartphones in everyday life, which is generating a people-centric revolution in computing and communications

Soluciones para la autenticación y gestión de subredes en manets y vanets

En los últimos años las redes inalámbricas están ganando cada vez más popularidad conforme sus prestaciones aumentan y se descubren nuevas aplicaciones. Dichas redes permiten a sus usuarios acceder a información y recursos en tiempo real sin necesidad de estar físicamente conectados. Además, ofrecen una gran flexibilidad a un bajo coste ya que en general no hay necesidad de usar instalaciones cableadas lo que implica que sean fácilmente desplegables. Es por eso que resultan muy útiles en entornos donde es muy costoso instalar infraestructuras fijas, como son entornos militares, agrícolas, situaciones de emergencia, etc. Las redes móviles ad-hoc o MANETs (Mobile Ad-hoc NETworks) son un tipo de red inalámbrica, distribuida y sin autoridad central en las que los nodos son móviles. El comportamiento de una MANET es en muchos aspectos similar al de una red Peer-TO-Peer (P2P) pues en ambos casos los nodos de la red reciben y envían información de forma descentralizada. La gestión de las MANETs conlleva muchas dificultades ya que por ejemplo su topología cambia constantemente debido a la movilidad de los nodos y a la inexistencia de una infraestructura fija. Las redes ad-hoc vehiculares o VANETs (Vehicular Ad-hoc NETworks) pueden considerarse un subconjunto de las MANETs en las que los nodos móviles son vehículos. En su definición clásica, las VANETs permiten comunicar información no solo entre las unidades a bordo u OBUs (On Board Units) situadas en los vehículos, sino también con la infraestructura de la carretera o RSU (Road Side Unit). El objetivo principal de estos sistemas es proporcionar un mejor conocimiento de las condiciones de las carreteras a los conductores para reducir el número de accidentes y lograr que la conducción sea más cómoda y fluida, reduciendo con ello la cantidad de CO2 que los vehículos expulsan a la atmósfera. Las redes ad-hoc son especialmente vulnerables a varios tipos de ataques, tanto activos como pasivos. Por ejemplo, un atacante puede intentar emular a un nodo legítimo y capturar paquetes de datos y de control, destruir tablas de encaminamiento, etc. En particular, los efectos de los ataques a las VANETs pueden ser muy destructivos, ya que pueden llegar incluso a causar muertes. Por este motivo, el propósito fundamental de la presente Tesis es la propuesta de nuevas herramientas que permitan proteger las redes móviles ad-hoc contra diferentes ataques, asegurando en la medida de lo posible que la generación de información, así como su retransmisión se realizan correctamente. Para ello, se proponen y analizan aquí nuevos esquemas de autenticación y gestión de subredes en MANETs y VANETs. Hay que destacar que las simulaciones juegan un papel fundamental en este trabajo ya que permiten analizar y evaluar el comportamiento de las propuestas realizadas a gran escala y en diversas condiciones. En particular, gran parte de los algoritmos diseñados en esta Tesis han sido simulados con el simulador de redes NS-2 y el simulador de tráfico SUMO. También son de gran interés en esta Tesis las implementaciones de algunas de las propuestas en dispositivos reales, ya que no sólo permiten evaluar su comportamiento en entornos reales, sino descubrir problemas que las simulaciones no detectan, y obtener datos reales para alimentar simulaciones a gran escala. Las implementaciones en dispositivos reales se han llevado a cabo en particular en la plataforma Windows Mobile usando Visual Studio 2008. Como resultado práctico de este trabajo, y en colaboración con otras investigaciones, surge VAiPho (VANET in Phones), que es una herramienta para la asistencia a la conducción. VAiPho permite crear una red vehicular real utilizando únicamente teléfonos móviles inteligentes, sin necesidad de instalar ningún tipo de infraestructura ni en los vehículos ni en la carretera. VAiPho cuenta ya con varias aplicaciones en entornos urbanos, tales como la detección de atascos, plazas de aparcamiento libres y vehículo aparcado. Dicha herramienta es el producto de la implementación de una patente presentada

Asioiden Internetin tietoturva: ratkaisuja, standardeja ja avoimia ongelmia

Internet of Things (IoT) extends the Internet to our everyday objects, which enables new kind of applications and services. These IoT applications face demanding technical challenges: the number of ‘things’ or objects can be very large, they can be very con-strained devices, and may need to operate on challenging and dynamic environments. However, the architecture of today’s Internet is based on many legacy protocols and technology that were not originally designed to support features like mobility or the huge and growing number of objects the Internet consists of today. Similarly, many security features of today’s Internet are additional layers built to fill up flaws in the un-derlying design. Fulfilling new technical requirements set by IoT applications requires efficient solutions designed for the IoT use from the ground up. Moreover, the imple-mentation of this new IoT technology requires interoperability and integration with tra-ditional Internet. Due to considerable technical challenges, the security is an often over-looked aspect in the emerging new IoT technology. This thesis surveys general security requirements for the entire field of IoT applica-tions. Out of the large amount of potential applications, this thesis focuses on two major IoT application fields: wireless sensor networks and vehicular ad-hoc networks. The thesis introduces example scenarios and presents major security challenges related to these areas. The common standards related to the areas are examined in the security perspective. The thesis also examines research work beyond the area of standardization in an attempt to find solutions to unanswered security challenges. The thesis aims to give an introduction to the security challenges in the IoT world and review the state of the security research through these two major IoT areas

A layered security approach for cooperation enforcement in MANETs

In fully self-organized MANETs, nodes are naturally reluctant to spend their precious resources forwarding other nodes' packets and are therefore liable to exhibit selfish or sometimes malicious behaviour. This selfishness could potentially lead to network partitioning and network performance degradation. Cooperation enforcement schemes, such as reputation and trust based schemes have been proposed to counteract the issue of selfishness. The sole purpose of these schemes is to ensure selfish nodes bear the consequences of their bad actions. However, malicious nodes can exploit mobility and free identities available to breach the security of these systems and escape punishment or detection. Firstly, in the case of mobility, a malicious node can gain benefit even after having been detected by a reputation-based system, by interacting directly with its source or destination nodes. Secondly, since the lack of infrastructure in MANETs does not suit centralized identity management or centralized Trusted Third Parties, nodes can create zero-cost identities without any restrictions. As a result, a selfish node can easily escape the consequences of whatever misbehaviour it has performed by simply changing identity to clear all its bad history, known as whitewashing. Hence, this makes it difficult to hold malicious nodes accountable for their actions. Finally, a malicious node can concurrently create and control more than one virtual identity to launch an attack, called a Sybil attack. In the context of reputation-based schemes, a Sybil attacker can disrupt the detection accuracy by defaming other good nodes, self-promoting itself or exchanging bogus positive recommendations about one of its quarantined identities. This thesis explores two aspects of direct interactions (DIs), i. e. Dis as a selfish nodes' strategy and Dis produced by inappropriate simulation parameters. In the latter case DIs cause confusion in the results evaluation of reputation-based schemes. We propose a method that uses the service contribution and consumption information to discourage selfish nodes that try to increase their benefit through DIs. We also propose methods that categorize nodes' benefits in order to mitigate the confusion caused in the results evaluation. A novel layered security approach is proposed using proactive and reactive paradigms to counteract whitewashing and Sybil attacks. The proactive paradigm is aimed at removing the advantages that whitewashing can provide by enforcing a non-monetary entry fee per new identity, in the form of cooperation in the network. The results show that this method deters these attackers by reducing their benefits in the network. In the reactive case, we propose a lightweight approach to detect new identities of whitewashers and Sybil attackers on the MAC layer using the 802.11 protocol without using any extra hardware. The experiments show that a signal strength based threshold exists which can help us detect Sybil and whitewashers' identities. Through the help of extensive simulations and real-world testbed experimentations, we are able to demonstrate that our proposed solution detects Sybil or whitewashers' new identities with good accuracy and reduces the benefits of malicious activity even in the presence of mobility

An intelligent intrusion detection system for external communications in autonomous vehicles

Advancements in computing, electronics and mechanical systems have resulted in the creation of a new class of vehicles called autonomous vehicles. These vehicles function using sensory input with an on-board computation system. Self-driving vehicles use an ad hoc vehicular network called VANET. The network has ad hoc infrastructure with mobile vehicles that communicate through open wireless channels. This thesis studies the design and implementation of a novel intelligent intrusion detection system which secures the external communication of self-driving vehicles. This thesis makes the following four contributions: It proposes a hybrid intrusion detection system to protect the external communication in self-driving vehicles from potential attacks. This has been achieved using fuzzification and artificial intelligence. The second contribution is the incorporation of the Integrated Circuit Metrics (ICMetrics) for improved security and privacy. By using the ICMetrics, specific device features have been used to create a unique identity for vehicles. Our work is based on using the bias in on board sensory systems to create ICMetrics for self-driving vehicles. The incorporation of fuzzy petri net in autonomous vehicles is the third contribution of the thesis. Simulation results show that the scheme can successfully detect denial-of-service attacks. The design of a clustering based hierarchical detection system has also been presented to detect worm hole and Sybil attacks. The final contribution of this research is an integrated intrusion detection system which detects various attacks by using a central database in BusNet. The proposed schemes have been simulated using the data extracted from trace files. Simulation results have been compared and studied for high levels of detection capability and performance. Analysis shows that the proposed schemes provide high detection rate with a low rate of false alarm. The system can detect various attacks in an optimised way owing to a reduction in the number of features, fuzzification